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2. Citations and explanations (Rule 70.7) 

Citations 

The examination process has revealed the following documents, 
which represent the general state of the art: 

Dl: EP- 07 0 02 31 A2 

D2 : "Anx-High-Speed Internet Access", Ericsson Review, Volume 

lb, 1998; Patrik Nilsson et al . 

D3 : " High Speed Internet Access over ADSL: Making it happen", 
Telecommunications Review, volume 4, 1997; W. Verbiest 

D4 : EP 087 30 38 A2 

D5: WO 98 36 608 A2 

D6 : WO" 96 38 962 Al 



The claimed invention 

The claimed invention relates to an Internet accessing method 
through an asynchronous transfer mode (ATM) network, which 
involves' employing access server function, which converts 
customer premises equipment to selected service provider. 

The customer premises equipment (CPE) selects an appropriate 
service provider (SP) , using the integrated signalling 
protocol. The access server function (ASF) performs routing 
from CPE to selected SP. The ASF connects the CPE to the 
selected SP, using the integrated signalling protocol. 
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Initially, each CPE is connected to an ATM network, via 
corresponding network termination point (NT) . The- access 
server function (ASF) having permanent virtual connection to 
each NT and service provider (SP) Is established. A tunnelling 
protocol' is established on permanent virtual connection 
between the NT and ASF, to support the integrated signalling 
protocol. The tunnelling protocol is permanently established, 
the integrated signalling is initiated and the user of CPE is 
authenticated, based on the detection result about appropriate 
activity in the CPE. A pool of permanent virtual" connections 
from the ASF to each SP is also provided, and a single 
connection is allocated to each NT from that pool. One 
switched virtual connection (SVC) is established from the ASF 
to each SP, on the basis of signalling received by ASF from 
the CPE through the tunnelling protocol. 

The advantage of the invention, is that the method does not 
require changes to the construction or operation of the SP 
equipment. Further, it offers one permanent virtual connection 
between each NT and ASF and enables automatic configuration of 
LAN interface by dynamic host configuration protocol (DHCP) 
based process, as defined by the Internet software consortium. 



Statement 

The document Dl discloses a method and system for interprocess 
communication and inter-network data transfer. 

Document D2 presents an ATM based broadband access platform, 
providing high-speed Internet access. 

Document D3 concerns a high-speed Internet access using ADSL. 

In document D4 is a method and system providing high-speed 
Internet access over an ATM network presented. 

Document D5 reveals a method and apparatus for multiplexing of 
multiple users on the same virtual circuit. 

From document D6 is a communication network integration system 
known . 
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From Dl(see column 3, line 12- line 52) a method and system 
for interprocess communication and inter-network data transfer 
is known. " Dl presents a method and system for transmitting 
data, using ATM formatted frames and the network transmits, 
data in Internet protocol (IP) packets. 

The claimed viSffntion differs from what is previously known 
through document Dl. The claimed invention according to claims 
1-13 is based on the use of a tunnelling protocol in order to 
establish a permanent virtual connection between each network 
termination point and access server function. 

This difference is not considered obvious to a person skilled 
in the art. Accordingly, the claimed invention as described in 
claims 1-13 seems to involve an inventive step. 

From D2 is known Internet access mechanisms for connecting 
each of several consumer premises equipment via an ATM network" 
to one of. several service providers. The network comprises an 
access server function having a connection to each network 
termination point and each Internet service provider such that 
each network termination point has a permanent connection to 
an access node. 

However, the claimed invention differs from what is known from 
D2, mainiy in that a specific end user can be connected to the 
desired service provider with a minimal number of permanent 
virtual circuits and having the possibility of end-user 
authentication taking place only at the end of the permanent 
virtual circuits. 

Therefore, the claimed invention seems to provide features, 
not obvious to a person skilled in the art. Thus, the claimed 
invention according to claims 1-13 is considered involving an 
inventive step . 

Document D3 teaches a method for a high-speed Internet access 
using ADSL. However, the document D3 is considered as not 
conflicting with the claimed invention. Thus," the method as 
described in D3 is considered as describing^ the general state 
of the art. 

Documents D4-D6 are considered as describing the general state 
of the art. They do not seem to conflict with the claimed 
invention. 
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Conclusion 

The claimed -invention according to patent claims 1-13 .is 
considered to involve an inventive step. 
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Internet/intranet access mechanism 

Background of the invention 

The invention relates to a mechanism for accessing the Internet via 
an ATM (Asynchronous Transfer Mode) network. Within the context of this ap- 
5 plication, 'Internet* should be interpreted broadly to cover any large-area net- 
works using Internet Protocols (IP). Especially it is the applicant's intention to 
include future developments, such as Internet 2 or NGI ('Next generation In- 
ternet'), and corporate networks, commonly referred to as intranets or ex- 
tranets. 

10 a person designing an Internet access mechanism faces several is- 

sues, such as interoperability, security, billing, economic use of IP addresses, 
and how to make the best use of installed equipment, etc. 

From references [1 . Kwok et al.] and [2, Nilsson et al.J are known 
Internet access mechanisms for connecting each of several customer prem- 

15 ises equipment (abbreviated "CPE") via an ATM network to one of several 
service providers (SP). The concept of service provider comprises Internet 
service providers (ISP), content providers (CP, for video-on-demand, etc.), and 
corporate network servers (CNS, for telecommuting, etc.) 

Referring to Fig. 1, CPEs are connected to the ATM network at 

20 network termination points (NT). A typical NT, such as NT1 in Fig. 1, is a net- 
work gateway having a network interface for the customer's local area net- 
work, LAN, and another interface towards the ATM network. Alternatively, a 
personal computer PC or a workstation WS can be connected directly (without 
a LAN) to the ATM network by means of an ATM/ADSL adapter card (shown 

25 as NT2), which in this case is the NT. In both cases, there is a well-defined NT 
for each CPE (although one NT may serve several CPEs). According to both 
cited references, the network comprises an access server function, or ASF, 
having a connection to each NT and each SP such that each NT has a per- 
manent connection or a permanent virtual connection to the ASF. The wording 

30 'access server function' implies that the ASF can be a dedicated network ele- 
ment or it can be integrated into or co-located with another network element, 
such as an ATM switch. In the cited references, the ASF has been referred to 
as an 'access nodeTDSLAM' (digital subscriber line access multiplexer) or an 
'edge router 1 . It should be noted that the difference between 'permanent con- 

35 nection' and 'permanent virtual connection' has become rather blurred and 
later in this application, only 'permanent virtual connection' (PVC) will be used. 
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A problem of the known Internet access mechanisms is that they do 
not give a satisfactory answer to following problem: How can a specific end- 
user be connected to the desired service provider with a minimal number of 
permanent virtual circuits (PVCs) with a possibility of end-user authentication 
taking place only at the ends of the PVCs (not necessarily at the ASF)? 

Disclosure of the invention 

An object of the invention is to solve or at least minimise the prob- 
lem associated with the prior art access mechanisms. The object is achieved 
with a method and equipment which are characterized by what is disclosed in 
the attached independent claims. Preferred embodiments of the invent.on are 
disclosed in the attached dependent claims. 

The invention is based on establishing a tunnelling protocol on the 
permanent virtual connection between each CPE or NT and the ASF. wherein 
the tunnelling protocol is able to support an integrated signalling protocol. Se- 
lecting an appropriate SP is based on the integrated signalling protocol. Rout- 
ing to the selected SP is performed by the ASF. Finally, the ASF connects the 
CPE or NT to the selected SP using the integrated signalling protocol. 

Within the context of this application, 'tunnelling protocol' refers to a 
protocol which allows creating and maintaining virtual private sessions via 
various network media such as IP, ATM, Frame Relay, etc. Correspondingly, 
'integrated signalling protocol' (i.e. a signalling protocol integrated into the tun- 
nelling protocol) refers to a control protocol which is used for creating, main- 
taining and releasing these sessions. 

Implementation of the invention, however, raises two new issues: 
the ATM network must provide non-ATM functions in the ASF, and, unless 
properly dimensioned, the ASF can be a performance bottleneck. Such non- 
ATM functions performed by the ASF include functions above the ATM layer 
for the user connections, namely SAR/AAL5, the entire tunnelling protocol and 
selecting the SP by L2 signalling. These functions require appropriate adm.n.- 
, stration After a careful study of the pros and cons of the invention, it will be 
observed that there are situations where the advantages of the invention jus- 
tify the added complexity of the ASF. 

According to a preferred embodiment of the invention, one perma- 
nent virtual connection PVC is provided from the ASF to each SP. Alterna- 
3 tively there is provided a pool of permanent virtual connections from the ASF 
to each SP One PVC is allocated to each CPE from this pool. As a further op- 
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ton it is possible to establish one switched virtual connection (SVC) from the 
ASF to each SP, on the basis of signalling which the ASF receives from the 

CPE via the tunnelling protocol. 

The tunnelling protocol can be established only in response to de- 
5 tecting appropriate user activity in a CPE. Alternatively the tunnelling , orotoco 
can be permanent and the integrated signalling » nutated and the user .s 
authenticated only in response to detecting appropriate user actvjty n the 
CPE According to a further preferred embodiment, the user .s authent.cated 
twice, first by the ASF using the tunnelling protocol, and then by the SP. 

10 Brief description of the drawings 

The invention will be described in more detail by means of preferred 
embodiments with reference to the appended drawing in which: 

Fig. 1 is a block diagram illustrating the Internet/intranet access 
mechanism according to the invention. 

1 5 Detailed description of the invention 

Fig 1 a is block diagram comprising several customer premises 
equipment CPE, connected via network termination points NT to an access 
server function ASF according to the invention. The ASF can be a ded.cated 
network element, or it can be integrated into or co-located ^ -"other net- 
20 work element, such as an ATM switch (which is known to a stalled person and 

not shown separately). „,„„ih 
The ASF provides access from each CPE to several service provid- 
ers SP such as internet service providers ISP, content providers CP and cor- 
porate networks CN. The invention requires no changes to the construction or 
25 operation of the SP equipment. Instead, the invention can be imple imeme ,d in 
the ASF and the NT. There is preferably one permanent virtual connection 

(PVC) between each NT and the ASF. „, ,„ , .,-r, 

in the embodiment shown in Fig. 1 , there is one PVC from NT2 (,n 
the workstation WS) to the ASF. Also, assuming that at leas, one ^ *e per- 

30 sonal computers PC is active, mere is also a PVC from NT1 to the ASF. All the 
pe La, computers PC connected to the LAN share the PVC between NT 
and the ASF. According to a preferred embodiment o, the <^-*~'££ 
tunnelling protocol, such as L2TP (Layer 2 Tunnelling Protocol), on the PVC 
Z each active PC to the NT. The tunnelling protocol combines t e sessions 

35 and signalling from all active PCs into a single tunnel from the NT to the ASF. 
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The tunnelling protocol must be able to support an integrated signalling proto- 
col The end user (i.e. the person using the CPE or a software agent be.ng 
executed in the CPE) selects an appropriate SP by using the integrated sig- 
nalling protocol. Routing to the selected SP is performed by the ASF. Finally, 
5 the ASF connects the CPE or NT to the selected SP using the integrated sig- 
nalling protocol. 

Reference 11 points to a preferred protocol stack at the NT and ref- 
erence 12 points to a preferred protocol stack at the ASF. (The workstation 
WS connected to NT2 without a LAN needs a simpler protocol stack, cons.st- 

o ing only of the right half of the protocol stack 1 1 , i.e. PPP, L2TP, AAL5, ATM, 
and PHY ) Having point-to-point connectivity PPP over L2TP provides end-to- 
end security. In other words, it is not necessary for the ASF to authenticate the 
user, although the ATM operator may still choose to do so, in order to charge 
the subscriber for the duration of the session. However, even in this case, the 

5 end-user's choice of SP is not known to the ATM operator, which is a clear 

benefit to the owners of the SPs. 

The preferred embodiment saves a considerable amount of PVCs 
over the prior art access mechanisms. Let us calculate an example case of 
10000 customers and 8 SPs and 20 ASFs (one ASF per 500 CPE). If all cus- 

90 tomers need access to all SPs, the prior art access mechan.sms requ.re a 
separate PVC for each customer/SP combination, i.e. in this example 8 * 
10 000 = 80 000 PVCs. In comparison, the mechanism according to the inven- 
tion requires a PVC only for each customer and each ASF/SP combination, 
i.e. 10 000 + 8*20 = 10160 PVCs. (This number is not perfectly accurate since 

25 some ASF/SP connections can be switched virtual connections, SVC.) 

According to an alternative embodiment of the invention, there is a 
separate PVC from each active PC between the NT and the ASF. In this case, 
implementation of the NT is easier because the tunnels from the PCs do not 
have to be combined (instead, all tunnels pass from the PCs, over the LAN, 

30 through the NT to the ASF). 

The ATM operator's billing can be based on the time there is a PVU 
between the customer and the ASF. The invention simplifies this kind of billing 
because there is only one PVC from each customer. Also, when the customer 
changes the SP, a new PVC configuration is not needed. 

35 Configuring and managing the NT device according to the inven- 

tion like the device itself, is rather simple. Only its LAN interface and its ATM 
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interface require configuration: an IP address, a subnet mask and an ATM 
PVC The latter can be received automatically, using a technique known as 
ILMI (Interim Local Management Interface) as defined by ATM Forum UNI 
(User to Network Interface) 3.1. ILMI supports bidirectional exchange of man- 
agement information between UNI management entities related to the ATM 
layer and physical layer parameters. Correspondingly, the LAN interface can 
be configured automatically by a process known as DHCP (Dynam.c Host 
Configuration Protocol), as defined by the Internet Software Consortium. 

The description only illustrates preferred embodiments of the inven- 
tion. The invention is not, however, limited to these examples, but .t may vary 
within the scope of the appended claims. 

R©f © r© n c©s * 

1 Kwok, Timothy et al: An Interoperable End-to-End Broadband 
Service Architecture over ASDL Systems, version 1.0. 3 June, 1997, available 
at address http://www.3com.com/xdsl/microwt.html at the priority date of th.s 

application^ ^ a| . Anx __ Hjgn . speed internet Access, available 

at address http://www.ericsson.com/Review/er1b_98/art4/art4.html at the pri- 
ority date of this application. The www address implies that reference 2 was 
printed in Ericsson Review magazine. 

Both cited references are incorporated herein by reference. 
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1 A method for connecting one of several customer premises 
equipment, or CPE. via an ATM network to one of severe, service provders, 

SPS ' " M rn^eaTcPE to the ATM network via a corresponding net- 

"^^accels Server function, or ASF, Having a permanent 
virtual connection to each NT and a connection to each SP; 

characterized in that 

a tunnelling protocol is established on said permanent virtual con- 
nection between each NT and said ASF, said tunnelling protocol being able 

^-J^TSJTT- appropriate SP by using said inte- 
grat ed —J>^ id ^ ^ ^ ^ sp ^ by saj(J 

ASR ^ said ASF connects the CPE to the selected SP using said inte- 
grated signalling protocol. 

2 A method according to claim 1 . c h a r a c t e r i z e d by providing 
o one permanent virtual connection from the ASF to each SP. 

3 A method according to claim 1 , c h a r a c t e r i z e d by providing 
a poo, of percent virtual connects from the ASF to each SP; and allo- 
cating one connection to each NT from said pool. 

4 A method according to claim 1 , c h a r a c t e r i z e d by estab- 

protocol. 

5 A method according to claim 1 , c h a r a c t e r i z e d by estab- 
lishing said tunnelling protocol only in response to detecting approbate aCv- 

30 ity in said CPE. 

6 A method according to claim 1, characterized by 
lishing said tunnelling protocol permanently and initiating said integrated s,g- 
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nailing and authenticating the user of said CPE only in response to detecting 
appropriate activity in said CPE. 

7. A method according to claim 1, character! zed by authenti- 
cating the user of said CPE both by said ASF and by the selected SP. 

5 8. A network element (ASF) providing an access server function for 

connecting each of several customer premises equipment, or CPE, via an 
ATM network to one of several service providers, or SPs, said network ele- 
ment comprising: 

interface means to several network termination points, or NTs tor 
o connecting each CPE to the ATM network via a corresponding NT; and 

interface means to each SP for providing a permanent virtual con- 
nection or a switched virtual connection thereto; 

characterized in that the network element is arranged to: 
use a tunnelling protocol on said permanent virtual connection be- 
15 tween itself and each NT, said tunnelling protocol being able to support an in- 
tegrated signalling protocol; 

select an appropriate SP in response to signalling from each CPE 
or its user, said selecting being carried out using said integrated signalling 
protocol; 

20 support routing from each CPE to said selected SP; and 

connect each CPE to the selected SP using said integrated signal- 
ling protocol. 

9. A network element (ASF) according to claim 8, characteri- 
zed in that it is arranged to provide one permanent virtual connection from 

25 itself to substantially each SP. 

10. A network element (ASF) according to claim 8, c h a r a cte - 
rized in that it is arranged to provide a pool of permanent virtual connec- 
tions from itself to each SP and to allocate one connection to each active NT 
from said pool. 

30 i«| a network element (ASF) according to claim 8, c h a r a c t e - 

r i z e d in that it is arranged to provide a switched virtual connection from itself 
to at least one SP. 
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12. A network element (ASF) according to claim 8, characte- 
rize d in that it is arranged to provide a separate tunnel from itself to sub- 
stantially each CPE. 

13. A network element (ASF) according to claim 8, characte- 
5 r i z e d in that it is arranged to cooperate with an NT between itself and each 

CPE 

said NT being arranged to provide a separate tunnel from itself to 
substantially each CPE and to combine the separate tunnel into fewer tunnels, 
preferably a single tunnel, from itself to the ASF. 



